Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    March 2012
    S M T W T F S
    « Feb   Apr »
     123
    45678910
    11121314151617
    18192021222324
    25262728293031
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for March 13th, 2012




    Six is a rather small number for this month’s round of Microsoft bulletins, but one stands out as a very critical update: MS12-020, aka, the “Remote Desktop Could Allow Remote Code Execution” vulnerability. Microsoft warned IT admin about this flaw in their MSRC (Microsoft Security Response Center) blog entry. From the MSRC blog: “We recommend that customers focus on MS12-020, our sole critical-class bulletin, as the March deployment priority.”

    Based on the Microsoft posting, the critical flaw applies to a fairly specific subset of systems – those running RDP – and is “less problematic for those systems with Network Level Authentication (NLA) enabled”. This could allow would-be attackers to achieve remote code execution on a machine running RDP (Remote Desktop Protocol). RDP allows remote access to systems for admins to manage them remotely. An exploit for such remote access does not require network credentials, however, systems that do not have RDP enabled are not at risk.

    Other issues covered in this month’s Patch Tuesday include one moderate and four important security bulletins. IT administrators are advised to abide by the patch operating procedures for these fixes.

    Trend Micro Deep Security has just released an update which addresses the critical RDP vulnerability under the rule name 1004949 – Remote Desktop Protocol Vulnerability (CVE-2012-0002). Our page on the Threat Encyclopedia also contains respective Trend Micro solutions that cover the rest of this month’s patches.

    Update as of March 15, 2012, 6:12 p.m. (PST)

    The update for MS12-020 is now available for Intrusion Defense Firewall (IDF), too. Deep Security currently has coverage with Deep Security Update DSRU12-006 and IDF with update 12007. Deep Security provides coverage for four vulnerabilities, while IDF provides coverage for three.

     
    Posted in Exploits, Vulnerabilities | Comments Off



    Lately the tech media has been full of information about the next generation of desktop/laptop operating systems that will probably come out later this year. Microsoft has been blogging continuously about Windows 8 at the Building Windows 8 blog for months, culminating in the recent announcement of Windows on ARM (WoA) and the Windows 8 Consumer Preview. Apple has also released to developers a preview of OS X 10.8 Mountain Lion.

    While all of these new operating systems have their own set of new features, there are some changes and new features that may change the way consumers use and secure their systems. They all have one common theme: they are increasingly being “locked down”, with users being unable to download and run applications without some form of curation by the vendor – i.e., Microsoft or Apple.

    Windows 8/Windows on ARM: WinRT and the Windows App Store

    Most of the press attention on Windows 8 has focused on its new UI, which is based on the Metro design language currently used by Windows Phone and the Xbox 360 Dashboard. However, not only do Metro apps look different, they are developed completely different as well.

    Metro apps are built using a completely different set of APIs, which is known as WinRT. This represents a break from the previous Windows API, which is in use by all current applications (and malware) on Windows. From a security perspective, there are two key changes with WinRT: first, all WinRT apps are sandboxed. While some developers may find this problematic, this will help minimize the impact of application vulnerabilities. Read the rest of this entry »

     


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice